Dell InTrust Aims to Accelerate Security Discovery
Dell is upgrading its InTrust software to version 11.0 with the promise of faster discovery and audit capabilities.
Looking through log data to find potential security risks is much like trying to find a needle in a haystack. Seeking to help find the proverbial needle faster, Dell is updating its InTrust software to version 11.0 with the promise of faster discovery and audit capabilities. InTrust is designed to help enterprises meet compliance requirements for log data and identify potential security incidents.
While InTrust has features that are often thought of in the market as belonging to a SIEM (security information and event management) product, Dell is positioning InTrust in a different way. The SIEM marketplace is highly competitive, with products including Splunk, HP ArcSight and IBM QRadar all vying for market share.
"InTrust has functions like a SIEM, but it's not a 100 percent SIEM itself," Alexey Korotich, senior product manager at Dell, told eWEEK. "We see customers that own SIEM solutions and they still purchase InTrust."
InTrust can enable a third-party SIEM product by providing high-quality data and helping speed up the detection of threats, Korotich said, adding that InTrust is able to provide additional insight into user activity on a network.
Prior versions of InTrust also had search capabilities, though they were somewhat limited, he said. "Previously, search was limited to just one type of data, which is event logs," Korotich said. "Now, we enable search across other types of IT information, including users and permissions."
Additionally, with InTrust 11.0, the IT search is available through a Web interface that can provide real-time insights. The ability to deliver the fast response is enabled through technology innovation built by Dell for data storage, the company said.
Part of the core intellectual property that Dell has with InTrust is its repository software, Korotich explained. The repository is able to compress data at a 40:1 ratio. The repository also has an index function such that data can be quickly searched and retrieved. "Repository is a flat file storage system that is essentially a NoSQL database," Korotich said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.